Question about cell phone / data protection?

I recently heard rumors that the Ps4 parties should now be bugged. That has apparently been resolved and Sony has commented on it.

That made me think about my own privacy protection in relation to the smartphone. It is clear to me that there are already many articles about Whatsapp / phone tapping.

But what about our files on the cell phones (I have a Samsung). Can any third party / NSA / Samsung or something like that see what we're doing on our cell phone / or what data / photos / videos / apps we have on the cell phones?

If the cell phones are infected by malware, it is clear that such a thing is possible. But without this? And if the Android internal anti-virus scanner does not report a threat.

What do you all mean?

So, where do I start… The virus scanner is a double-edged sword: On the one hand, they can detect known viruses and unmask unknown viruses through suspicious behavior. Nevertheless, they can never guarantee absolute security; on the contrary: they themselves often create security gaps in the system that offer attackers an additional opportunity to break in.

In addition, many AV programs contain so-called trackers that analyze your behavior for advertising purposes.

In addition, such programs can't protect against social engineering, i.e. Against scams in which one is tempted to pass on sensitive data on one's own initiative or to install malicious programs. Why else do we keep getting emails from the Nigerian heir to the throne?

Antivirus software is therefore not a real or reliable barrier against hacking.

IT expert Mike Kuketz on AV software:

https://www.kuketz-blog.de/antivirus-apps-fuer-android-sinnvoll-oder-nutzlos
https://www.kuketz-blog.de/antiviren-scanner-mehr-risiko-als-schutz-snakeoil-teil1/

On the subject of surveillance: Thanks to whistleblower Edward Snowden, we know that the NSA has access to user data from many companies, for example from Apple, Microsoft, Google, Amazon, Facebook… The main issue here is who what, how long and where on the Internet, who chats with whom, when, how long, how often, etc. Such data is automatically passed on to the NSA.

The Guardian. NSA Files Decoded: https://www.theguardian.com/...-nsa-files

The mirror. The NSA is preparing for a cyber campaign: https://www.spiegel.de/netzwelt/netzpolitik/snowden-dokumente-wie-die-nsa-digitale-kriege-vorbereitet-a-1013521.html

Wikipedia. Global surveillance and espionage affair:

https://de.wikipedia.org/...ff%C3%A4re

NSA graphic published by Snowden about which companies pass on which data:

The NSA can't intercept files on your mobile phone that easily because they are only stored locally on your mobile phone and are not sent over the Internet where the NSA could access them.

Nevertheless, the NSA can hack your cell phone, after all it is a secret service that produces viruses and malware itself or buys it from others. And as I said at the beginning, these are probably not detected by antivirus software either.

In addition, the NSA can of course exploit security gaps in your software if these have not yet been closed by updates. And because cell phone manufacturers usually no longer provide their products with security updates after a few months, this risk is of course particularly great.

And even if you have the latest updates, you can't rule out the possibility that the NSA has found a loophole that no one knows about (which has therefore not been closed). This is what is called zero day (0 days since the gap was discovered).

Now, the NSA doesn't hack every one of the billions of cell phones out there, simply because it's too time-consuming, so there will most likely not be an automatic file upload to the NSA (that would also appear on the Internet bill). That means you don't have to worry about your photos etc. At first.

Nevertheless, you can't be safe from the NSA and should, if possible, encrypt your files with a strong password to be on the safe side. You can do that with programs like VeraCrypt or AndroidCrypt.

Thank you, very interesting.

I can't find AndroidCrypt to download anywhere, only AES Crypt.

And what about Samsung and the files in the Samsung Safe Folder. Can they see my files?

Can the NSA also access the passwords for the Google accounts? That would be a bit too intense…

Instead of AndroidCrypt you can also use Crypt4All: https://play.google.com/...pt4AllLite

Or take a look here at Heise: https://www.heise.de/...luesselung

As for the "Secure Folder": It depends on whether it is only protected by a password or is really encrypted.

Your files are only really secure if they are encrypted, i.e. Have been changed in such a way that they can only be decrypted with the correct password and are otherwise no longer readable. Then nobody, neither a hacker nor the NSA nor yourself, can do anything with it if the correct password is not known.

But if the files are not really encrypted, but only a PIN is requested, then the "Safe Folder" protects you at most from your friends who have grabbed your cell phone and are looking for compromising images 😉

I don't know whether the "Secure Folder" really encrypts your files, but I wouldn't rely on it. I could tell you that if the "Safe Folder" were open source, i.e. The programming code was publicly accessible. As with many other programs, it is not.

And the NSA doesn't even need your password for your Google account, because Google forwards all data to them anyway. If Google were to save your password somewhere in clear text, I honestly wouldn't be surprised anymore. (Normally the user passwords are encrypted by such large providers, but you can't check it on Google because of its closed source).

Oops, I accidentally wrote an answer instead of a comment